njrat | fa48d98553995227a1270625866c9622843897d80bfd8702f0a1c2a876536c77 | Triage

Submit
Reports

Overview

overview

Static

static

fa48d98553...77.exe

windows7-x64

8

fa48d98553...77.exe

windows10-2004-x64

8

Sharing

Copy URL Twitter E-mail

Static task

static1

yaserhacker njrat

1 signatures

Behavioral task

behavioral1

Sample

fa48d98553995227a1270625866c9622843897d80bfd8702f0a1c2a876536c77.exe

Resource

win7-20220812-en

evasion persistence

windows7-x64

6 signatures

150 seconds

Behavioral task

behavioral2

Sample

fa48d98553995227a1270625866c9622843897d80bfd8702f0a1c2a876536c77.exe

Resource

win10v2004-20220812-en

evasion persistence

windows10-2004-x64

6 signatures

150 seconds

General

Target

fa48d98553995227a1270625866c9622843897d80bfd8702f0a1c2a876536c77
Size

35KB
MD5

963e766e334938f676d80a7f4f7be5f0
SHA1

6fc59fd585cd058c5d8791c1384ad30b4042b8bd
SHA256

fa48d98553995227a1270625866c9622843897d80bfd8702f0a1c2a876536c77
SHA512

281b2dadc03a79154db46d9ff8c3da8e866d3547310d1673e47618b724a7d0476791e89e19599c4ef3753a3ada12bf897e68126f7eedccf31bfce49d1ee5da1d
SSDEEP

768:27v4AgMDgmjAq8XeIBKh0p29SgRkX7o3K:27vxUplKhG29jkXi

Score

10^/10

yaserhacker njrat

Malware Config

Extracted

Family

njrat

Version

0.6.4

Botnet

yaserhacker

C2

yaserhacker.no-ip.biz:1177

Mutex

5cd8f17f4086744065eb0992a09e05a2

Attributes

reg_key
5cd8f17f4086744065eb0992a09e05a2
splitter
|'|'|

Signatures

Njrat family
njrat

Files

fa48d98553995227a1270625866c9622843897d80bfd8702f0a1c2a876536c77
.exe windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 27KB - Virtual size: 26KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy